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TN THE CLAIMS : 
Amended claims follow. 

1-25. (Cancelled) 

26. (New) In an environment that includes a plurality of users , 
wherein each user possesses secrets that are shared by respective sets of said 
plurality of users, a secret updating method, comprising: 

(a) updating at least one compromised secret known by at least one 
evicted user using at least one non-compromised secret that is not known by said 
at least one evicted user, 

27. (New) The method of claim 26, wherein said updating comprises 
updating a plurality of compromised secrets. 

28. (New) The method of claim 26, wherein said updating comprises 
updating all compromised secrets. 

29. (New) The method of claim 26, wherein said updating comprises 
updating at least one compromised secret known by one evicted user. 

30. (New) The method of claim 29, wherein said updating occurs 
upon an eviction event. 

3 1 . (New) The method of claim 26, wherein said updating comprises 
updating at least one compromised secret known by a plurality of evicted users. 

32. (New) The method of claim 31, wherein said updating occurs on 
a periodic basis. 
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33. (New) The method of claim 26, wherein said updating comprises 
updating a compromised secret using one non-compromised secret. 

34. (New) The method of claim 26, wherein said updating comprises 
updating a compromised secret known by a set of users using a non- 
compromised secret of a subgroup of said set of users. 

35 . (New) The method of claim 26, wherein said updating does not 
use new secret information. 

36. (New) The method of claim 26, wherein said compromised secret 
is shared by said plurality of users. 

37. (New) The method of claim 26, wherein said secrets enables 
secure communication. 

38. (New) In an environment that includes a plurality of users , 
wherein a first user possesses a set of keys, said set of keys including a first key 
that enables secure communication among a set of users, said set of users 
including at least said first user and a second user, a keying method, comprising: 

(a) upon eviction of at least said second user, determining an updated 
first key using information that includes said first key and a second key, wherein 
said second key enables secure communication among a subgroup of said set of 
users, wherein said subgroup does not include users subject to said eviction. 

39. (New) The method of claim 38, wherein only said second user is 
evicted. 
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40. (New) The method of claim 38, wherein said second user and one 
or more other users in said set of users are evicted. 

41 . (New) The method of claim 38, wherein said determining uses a 
function having the following properties: (1) knowledge of said updated first 
key does not give knowledge of said first key or said second key, (2) knowledge 
of said first key does not give any knowledge of said updated first key, and (3) 
knowledge of said first key and said updated first key does not give any 
knowledge of said second key. 

42. (New) The method of claim 4 1 , wherein said determining uses a 
one-way function. 

43. (New) The method of claim 42, wherein said updated first key is 
equal to F(first key, second key), wherein F() is a one-way function. 

44. (New) The method of claim 38, wherein said determining uses 
only said first key and said second key. 

45. (New) The method of claim 38, wherein said subgroup includes 
only said first user. 

46. (New) The method of claim 38, wherein said subgroup includes a 
plurality of users. 

47. (New) A keying method, comprising: 

(a) distributing information that enables each of a plurality of users 
to determine an individual set of keys, wherein each individual set of keys 
enables a respective user to securely communicate with a plurality of sets of said 
users; and 
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(b) upon eviction of at least one user, sending a message to each user 
that has a set of keys that includes one or more compromised keys known by 
said at least one evicted user, said message identifying users subject to said 
eviction and initiating a rekeying process by non-evicted users to modify 
compromised keys using non-compromised keys that are not known by said at 
least one evicted user. 

48. (New) The method of claim 47 ; wherein said distributed 
information includes said individual set of keys. 

49. (New) The method of claim 47, wherein said distributed 
information enables users to generate individual sets of keys. 

50. (New) The method of claim 47, wherein only one user is evicted, 

5 1 . (New) The method of claim 47, wherein a plurality of users is 
evicted. 

52. (New) The method of claim 47, wherein said plurality of sets of 
users includes a set of all users. 

53. (New) A keying method in an environment having a plurality of 
users , each user being capable of storing a set of keys that enable secure 
communication among sets of said plurality of users, comprising: 

(a) distributing first information that enables users to update, after 
eviction of one or more users, a set of compromised keys that are known to said 
one or more users without receiving new key information. 

54. (New) The method of claim 53, wherein said first information 
includes information that enables identification of a one-way function. 
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